On Tue, Apr 17, 2007, Edward Chan wrote: > The problem with CryptoAPI is that it doesn't give you direct access to > the shared secret. But I suspect it is wrong since the > encryption/decryption fails (I encrypt something, and decrypt it, to > make sure it is the same as the original). >
It doesn't give you *direct* access to the shared secret or indeed other types of symmetric or asymmetric keys but there are back door ways of getting hold of the key anyway. One way is to encrypt the key using a public key to which you know the corresponsing private key and then obtaining the unencrypted result using OpenSSL. Another trick is in an MS KB article somewhere which relies on using a key with an exponent of 1. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
